Commits on Source (9)
......@@ -6,10 +6,7 @@ been initially created and tested with version 2.2.0 in Debian unstable
available in the `jekyll` package. It is known to work with jekyll from
Jessie too.
The boilerplate CSS is provided by [Skeleton].
[Jekyll]: https://jekyllrb.com/
[Skeleton]: http://www.getskeleton.com/
Viewing the website
-------------------
......
......@@ -3,23 +3,24 @@ layout: report
year: "2019"
month: "06"
title: "Reproducible Builds in June 2019"
draft: true
draft: false
published: 2019-07-05 13:58:08
---
[![]({{ "/images/reports/2019-06/reproducible-builds.png#right" | prepend: site.baseurl }})](https://reproducible-builds.org/)
**Welcome to the June 2019 report from the [Reproducible Builds](https://reproducible-builds.org) project!** In our reports we outline the most important things which have been up to in and around the world of reproducible builds & secure toolchains over the past month.
**Welcome to the June 2019 report from the [Reproducible Builds](https://reproducible-builds.org) project!** In our reports we outline the most important things that we have been up to over the past month.
As a quick recap, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users pre-compiled. The motivation behind reproducible builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.
In order that everyone knows what this is about, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users as pre-compiled binaries. The motivation behind the reproducible builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.
In this month's report, we will cover:
In June's report, we will cover:
* **Media coverage***Lego bricks, pizza and... Reproducible Builds?!*
* **Upstream news***Is Trusting Trust close to a "rebuttal"?*
* **Events***What happened at MiniDebConf Hamburg and the OpenWrt Summit, etc.*
* **Media coverage***Lego bricks, pizza and... Reproducible Builds*
* **Upstream news***Is Trusting Trust close to a 'rebuttal'?*
* **Events***What happened at MiniDebConf Hamburg, the OpenWrt Summit, etc.*
* **Software development***Patches patches patches, etc.*
* **Misc news***From our mailing list...*
* **Getting in touch***... and how to contribute.*
* **Getting in touch**... *and how to contribute.*
---
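Review bot: The revised recap paragraph now opens with "In order that everyone knows what this is about, whilst anyone can inspect ...", which stacks two subordinate clauses ahead of the main clause and reads awkwardly. Consider keeping the earlier "As a quick recap," opener and retaining only the "as pre-compiled binaries" and "the reproducible builds effort" corrections. In the contents list, the revised last bullet moves the ellipsis outside the emphasis (`**Getting in touch**... *and how to contribute.*`), unlike the "Misc news" bullet where it sits inside the italics; keep the two consistent.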
......@@ -29,11 +30,11 @@ In this month's report, we will cover:
[![]({{ "/images/reports/2019-06/prototypefund.png#center" | prepend: site.baseurl }})](https://www.youtube.com/watch?v=PSxm2DbDHG8)
* Joseph Devietti from [Cloudseal](https://www.cloudseal.io) published a post titled [*An introduction to reproducible builds*](https://www.cloudseal.io/blog/2019-05-15-introduction-to-reproducible-builds) on their blog, noting that:
* Joseph Devietti from [Cloudseal](https://www.cloudseal.io) published a post titled [*An introduction to reproducible builds*](https://www.cloudseal.io/blog/2019-05-15-introduction-to-reproducible-builds) on their blog. It gives a brief overview of the problem and what we are trying to solve, additionally noting the practical point that:
> One key motivation for reproducible builds is to enable peak efficiency for the build caches used in modern build systems.
* Carl Dong gave a talk titled [*Bitcoin Build System Security*](https://www.youtube.com/watch?v=I2iShmUTEl8) at the [Breaking Bitcoin](https://breaking-bitcoin.com/) conference in Amsterdam, Netherlands.
* Carl Dong gave a presentation entitled [*Bitcoin Build System Security*](https://www.youtube.com/watch?v=I2iShmUTEl8) at the [Breaking Bitcoin](https://breaking-bitcoin.com/) conference in Amsterdam, Netherlands.
---
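Review bot: Wording is now inconsistent within this list: the Carl Dong item changes "gave a talk titled" to "gave a presentation entitled", while the Cloudseal item just above still says "published a post titled". Pick one of "titled" or "entitled" and use it in both items. The summary added to the Cloudseal item, "the problem and what we are trying to solve", could also be tightened to "the problem we are trying to solve".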
......@@ -43,7 +44,9 @@ In this month's report, we will cover:
[![]({{ "/images/reports/2019-06/fedora.png#right" | prepend: site.baseurl }})](https://getfedora.org/)
* The [Fedora project](https://getfedora.org/) debated setting [`SOURCE_DATE_EPOCH`](https://reproducible-builds.org/docs/source-date-epoch/) [in all builds via `rpm`](https://src.fedoraproject.org/rpms/redhat-rpm-config/pull-request/57) which was accepted and merged on June 27th by Igor Gnatenko.
* The [Fedora project](https://getfedora.org/) debated setting the [`SOURCE_DATE_EPOCH`](https://reproducible-builds.org/docs/source-date-epoch/) environment variable [in all builds via `rpm`](https://src.fedoraproject.org/rpms/redhat-rpm-config/pull-request/57), an idea that was accepted and merged on the 27th by Igor Gnatenko.
<br>
* [Jeremiah Orians announced that version 1.0](https://lists.reproducible-builds.org/pipermail/rb-general/2019-June/001593.html) of the [`mescc-tools-seed`](https://github.com/oriansj/mescc-tools-seed) compiler has been released. For those not familiar with the project, it is the full bootstrap of a cross-platform compiler for the C programming language (written in C itself) from hex, the ultimate goal being able to demonstrate fully-bootstrapped compiler from hex to the [GCC GNU Compiler Collection](https://gcc.gnu.org/). This has many implications in and around [Ken Thompson](https://en.wikipedia.org/wiki/Ken_Thompson)'s [*Trusting Trust*](https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf) attack he outlined in his 1983 [Turing Award Lecture](https://amturing.acm.org/lectures.cfm).
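Review bot: In the Fedora item, "merged on June 27th" has become "merged on the 27th", which drops the month. The front matter sets `published: 2019-07-05`, so a reader seeing this in July can take "the 27th" for the wrong month; suggest keeping "on June 27th".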
......@@ -53,7 +56,7 @@ In this month's report, we will cover:
[![]({{ "/images/reports/2019-06/debconf19.png#right" | prepend: site.baseurl }})](https://debconf19.debconf.org)
There were a number of events that included or incorporated members of the Reproducible Builds community this month. If you know of any others, please do [get in touch]({{ "/who/" | prepend: site.baseurl }}). In addition, a number of members of the Reproducible Builds project will be at [DebConf 2019](https://debconf19.debconf.org/) in Curitiba, Brazil and will [present on the status of their work](https://debconf19.debconf.org/talks/30-reproducible-builds-aiming-for-bullseye/).
There were a number of events that included or incorporated members of the Reproducible Builds community this month. If you know of any others, please [do get in touch]({{ "/who/" | prepend: site.baseurl }}). In addition, a number of members of the Reproducible Builds project will be at [DebConf 2019](https://debconf19.debconf.org/) in Curitiba, Brazil and will [present on the status of their work](https://debconf19.debconf.org/talks/30-reproducible-builds-aiming-for-bullseye/).
### MiniDebConf Hamburg 2019
......@@ -61,6 +64,8 @@ Holger Levsen, Jelle van der Waa, *kpcyrd* and Alexander Couzens attended [MiniD
[![]({{ "/images/reports/2019-06/aimingforbullseye.png#center" | prepend: site.baseurl }})](https://www.youtube.com/watch?v=vQv4fxDMMPs)
<br>
Jelle van der Waa kindly gifted Holger with a [Reproducible Builds display](https://github.com/jelly/reproduciblebuilds-display):
[![]({{ "/images/reports/2019-06/reprobuilds-display.jpeg#center" | prepend: site.baseurl }})](https://raw.githubusercontent.com/jelly/reproduciblebuilds-display/master/img/reprobuilds-display.jpeg)
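Review bot: The `<br>` added after the talk thumbnail is raw HTML used only for vertical spacing, and the same pattern appears in the Fedora hunk. Since this changeset already touches the stylesheet to add an `h1` margin, spacing below images or between list items would be better handled there, so the Markdown stays free of presentational markup and the spacing applies to future reports as well.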
......@@ -108,7 +113,7 @@ Here, Holger participated in the discussions regarding `.buildinfo` build-attest
Chris Lamb spent significant time working on [`buildinfo.debian.net`](https://buildinfo.debian.net), his experiment into how to process, store and distribute `.buildinfo` files after the Debian archive software has processed them. This included:
* Started making the move to Python 3.x (and [Django](https://www.djangoproject.com/) 2.x) [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/ef866349fab43000abd6e6115b1120e035f33bf9)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/c44c2eaf52defa599a67d1bc02e2e4a58a386e6e)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/d27540daeedab116f09e52e4bb186b97861e5d0e)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/9a68e9ab1aa13dd8550833dcab924c8818d3277f)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/ec475c64274e88244661f3f76374f453b562276c)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/c46e48bd52a89b0839a4a17728d6dd96be8a1bc5)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/0dcac1d682b151092bd2988b0bc442508c8bda17)], additionally performing a large number of adjacent cleanups including dropping the authentication framework [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/961be8b0b935f84f3c67804453c1508ff1751a5f)], fixing a number of [flake8](http://flake8.pycqa.org/) warnings [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/6f1257b82c89c639ec694c37d7aa6d76fcae38be)], adding a `setup.cfg` to silence some warnings [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/fc7bbc25b163c05a8ef1e74b3a77bf94a40ab30c)], moving to `__str__` and `str.format(...)` over `%`-style interpolation and `u"Unicode"` strings [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/afc77977fa2ad376f828009f532be2581e3bd9b7)], etc.
* Started making the move to Python 3.x (and [Django](https://www.djangoproject.com/) 2.x) [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/ef866349fab43000abd6e6115b1120e035f33bf9)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/c44c2eaf52defa599a67d1bc02e2e4a58a386e6e)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/d27540daeedab116f09e52e4bb186b97861e5d0e)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/9a68e9ab1aa13dd8550833dcab924c8818d3277f)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/ec475c64274e88244661f3f76374f453b562276c)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/c46e48bd52a89b0839a4a17728d6dd96be8a1bc5)][[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/0dcac1d682b151092bd2988b0bc442508c8bda17)] additionally performing a large number of adjacent cleanups including dropping the authentication framework [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/961be8b0b935f84f3c67804453c1508ff1751a5f)], fixing a number of [flake8](http://flake8.pycqa.org/) warnings [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/6f1257b82c89c639ec694c37d7aa6d76fcae38be)], adding a `setup.cfg` to silence some warnings [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/fc7bbc25b163c05a8ef1e74b3a77bf94a40ab30c)], moving to `__str__` and `str.format(...)` over `%`-style interpolation and `u"Unicode"` strings [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/afc77977fa2ad376f828009f532be2581e3bd9b7)], etc.
* Added a number of (as-yet unreleased…) features, including caching the expensive landing page queries. [[...](https://salsa.debian.org/reproducible-builds/buildinfo.debian.net/commit/79f5e03946b8550ed41bdee5d811ef6ae846ba52)]
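Review bot: In the revised Python 3.x bullet, the comma between the run of commit links and "additionally performing" has been removed, so the sentence now runs from the last `[...]` link straight into the participle clause. Restore the comma (`...)], additionally performing a large number of ...`) unless the removal was intentional.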
......@@ -268,4 +273,4 @@ If you are interested in contributing the Reproducible Builds project, please vi
---
This month's report was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Jelle van der Waa, *kpcyrd* & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
This month's report was written by Alexander Borkowski, Arnout Engelen, Bernhard M. Wiedemann, [Chris Lamb](https://chris-lamb.co.uk/), *heinrich5991*, Holger Levsen, Jelle van der Waa, *kpcyrd* & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
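Review bot: In the revised credits line, only Chris Lamb's name is turned into a link while the other authors remain plain text. Either link every author who has a homepage or leave all names unlinked so the list is uniform.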
......@@ -7,6 +7,11 @@ main {
color: inherit;
}
h1 {
font-weight: bold;
margin-bottom: 2.5rem;
}
img {
max-width: 100%;
padding-bottom: 0.5rem;
......
......@@ -6,7 +6,7 @@ title: "Reproducible Builds in {{ month_year }}"
draft: true
---
**Welcome to the {{ month_year }} report from the [Reproducible Builds](https://reproducible-builds.org) project!** In our reports we outline the most important things which we have been up to in and around the world of reproducible builds & secure toolchains over the past month.
**Welcome to the {{ month_year }} report from the [Reproducible Builds](https://reproducible-builds.org) project!** In our reports we outline the most important things that we have been up over the past month.
As a quick recap, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users pre-compiled. The motivation behind reproducible builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.
......
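Review bot: The revised welcome line in the template reads "the most important things that we have been up over the past month", which is missing "to" after "up"; the June report in this same changeset has the correct "have been up to over the past month". Since every future report is generated from this template, fix it here. The recap paragraph below it also still uses the "As a quick recap" wording (including "pre-compiled" and "behind reproducible builds effort") that the June report changed, so decide which version is canonical and bring the two into line.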